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1. (Currently Amended) Apparatus for use by a first party for key management for 
secure communication with a second party, said key management being to provide at each 
party, simultaneously remotely, identical keys for said secure communication without 
transferring said keys over any communication link, the apparatus comprising: 

a datastream extractor, configured to for obtaining extract a bitstream from data 
exchanged between said parties a bitstream,; 

a random selector configured for selecting, from said bitstream, a series of bits in 
accordance with a randomization seeded by said data exchanged between said parties , said 
randomization being identical to a randomization carried out at said second party, thereby 
ensuring that said series of bits is identical at both parties: 

a key generator configured for separately g enerating at said first party a key for 
encryption/decryption based on said series of bits, 

thereby to separately generate a key at said first party which is identical to a key 
likewise generated at said second party based on said exchanged information, thus to manage 
key generation in a manner repeatable at said parties. 

2. (Original) Apparatus according to claim 1, the random selector being operable 
to use results of said randomization as addresses to point to bits in said datastream. 

3. (Original) Apparatus according to claim 1, said key generator operable to 
generate a new key after a predetermined number of message bits have been exchanged 
between said parties. 
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4. (Original) Apparatus according to claim 3, said predetermined number of 
message bits being substantially equal to a length in bits of said key. 

5. (Original) Apparatus according to claim 1, further comprising a control 
messager for sending control messages to said remote party, thereby to indicate to said remote 
party a state of said apparatus to enable said remote party to determine whether said remote 
party is synchronized therewith to generate an identical key. 

6. (Original) Apparatus according to claim 5, further comprising a synchronized 
state determiner, for determining from control messages received from a remote party whether 
said apparatus is synchronized therewith to generate an identical key. 

7. (Original) Apparatus according to claim 6, further comprising a resynchronizer, 
associated with said synchronous state determiner, said resynchronizer having a 
^synchronization random selector for selecting, from a part of said bitstream previously used 
by said random selector, a series of bits in accordance with a randomization seeded by said 
data exchanged between said parties,, in the event of determination of synchronization loss, 
thereby to regain synchronization. 



8. (Original) Apparatus according to claim 7, wherein said series of bits is a series 
of bits previously used by said random selector. 



4 



In re Application of: Yanovsky 
Serial No.: 10/520,274 
Filed: January 18, 2005 



Examiner: Shahrouz 
Group Art Unit: 2132 
Attorney Docket: 29238 



Office Action Mailing Date: April 22, 2008 

9. (Original) Apparatus according to claim 6, wherein said control messager is 
operatively connected to said synchronous state determiner, thereby to include within said 
control messages a determination of synchronization loss. 

1 0. (Original) Apparatus according to claim 7, wherein said control messager is 
operatively connected with said resynchronizer, to control said resynchronizer to carry out 
said selection in the event of receipt of a message from said remote party that said remote 
party has lost synchronization. 

11. (Original) Apparatus according to claim 7, said data communication being 
arranged in cycles, said part of said bitstream being exchangeable in each cycle. 

12. (Original) Apparatus according to claim 11, said cycle being arranged into sub- 
units, each said cycle having an exchange point at its beginning for carrying out said 
exchange. 

13. (Original) Apparatus according to claim 10, said messager being usable to 
exchange control messages with said remote party to ensure that a same bitstream part is used 
for ^synchronization at both said parties. 



14. (Original) Apparatus according to claim 12, said messager being usable to vary 
a control message in accordance with a sub-cycle current at a synchronization loss event, 
thereby to control said remote party to resynchronize using a same bitstream part. 
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15. (Original) Apparatus according to claim 14, operable to respond to messages 
sent by a remote party following said synchronization loss event, to revert to same said 
bitstream part as said message indicates that said remote party intends to use. 

16. (Original) Apparatus according to claim 1, comprising circuitry for determining 
which of itself and said remote party is a transmitting party and being operable to control said 
synchronization when it is a transmitting party and to respond to control commands of said 
remote party when said remote party is said transmitting party. 

1 7. (Original) Apparatus according to claim 6, wherein said synchronized state 
determiner comprises: 

a calculation circuit for carrying out an irreversible calculation on any one of said 
bitstream, said randomization, said key and derivations thereof, and 

a comparator for comparing a result of said calculation with a result received from 
said remote party, 

thereby to determine whether said parties are in synchronization. 

1 8. (Original) Apparatus according to claim 17, wherein said irreversible 
calculation comprises a one-way function. 

19. (Original) Apparatus according to claim 1, said system being operable to 
provide key management for a symmetric cryptography algorithm. 
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20. (Original) Apparatus according to claim 19, being constructed modularwise 
such that said cryptography algorithm is exchangeable. 



least two separate parties, the system comprising 

a primary bitstream for exchange between said parties, 
and at each party: 

a selector configured for randomly selecting, at predetermined selection intervals, 
parts of said primary bitstream to form a derived bit source, each selector being operable to 
use said derived bit source, in an identical manner, to randomize said selecting, and 

a key generator configured for separately g enerating at each of said separate parties 
cryptography keys at predetermined key generating intervals using said derived bit source of a 
corresponding selection interval. 

22. (Original) A system according to claim 21, wherein said primary bitstream is 
obtainable as a stream of bits from a data communication process between said two parties. 

23. (Original) A system according to claim 21, wherein said bits in said primary 
bitstream are separately identifiable by an address, and wherein said selector is operable to 
select said bits by random selection of addresses. 



21. (Currently Amended) 



A system for providing key management between at 



24. (Original) A system according to claim 21, wherein each selector comprises an 
address generator and each address generator is identically set. 
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25. (Original) A system according to claim 21, further comprising a controller for 
exchanging control data between said parties to enable each party to determine that each 
selector is operating synchronously at each party. 

26. (Original) A system according to claim 25, wherein said control data includes 
any one of a group comprising: 

redundancy check data, and 
a hash encoding result, 
of at least some of the bits from said derived bit source. 

27. (Original) A system according to claim 25, wherein said control data includes any 
one of a group comprising: 

redundancy check data, and 
a hash encoding result, 
of at least some of the bits of said randomization. 

28. (Original) A system according to claim 25, wherein said control data includes any 
one of a group comprising: 

redundancy check data, and 
a hash encoding result, 
of at least some of the bits from said key. 



29. (Original) A system according to claim 25, wherein said control data includes 
any one of a group comprising: 
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redundancy check data of at least some of said addresses, and 
a hash encoding result of at least some of said addresses. 

30. (Original) A system according to claim 25, further comprising at each party a 
resynchronizer operable to determine from said control data that synchronization has been lost 
between the parties and to regain synchronization based on a predetermined earlier part of 
said derived bit source. 

31. (Original) A system according to claim 22, further comprising at each party a 
resynchronizer operable to determine from control data exchanged between said parties that 
synchronization has been lost between said parties and to regain synchronization based on a 
predetermined earlier part of said derived bit source. 

32. (Original) A system according to claim 31, said data communication process 
being arranged in cycles, said predetermined earlier part being exchangeable in each cycle. 

33. (Original) A system according to claim 32, said cycles being arranged into sub- 
units, each said cycle having an exchange point at its beginning for carrying out said 
exchange of said predetermined earlier part of said derived bit source. 



34. (Original) A system according to claim 30, said controller being usable to 
include in said control messages, data to ensure that a predetermined earlier part of said 
derived bit source of a same cycle is used for ^synchronization at both said parties. 
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35. (Original) A system according to claim 33, said controller being usable to vary 
a control message in accordance with a sub-cycle current at a synchronization loss event, 
thereby to control said remote party to resynchronize using same said predetermined earlier 
part of said derived bit source. 

36. (Original) A system according to claim 35, operable to respond to messages 
sent by a remote party following said synchronization loss event, to revert to same said 
predetermined earlier part of said derived bit source as said message indicates that said remote 
party intends to use. 

37. (Currently Amended) A method of key management with at least one 
remote party, comprising the steps of: 

sharing with said remote party a primary data stream, 
using said primary data stream to form a randomizer, 

selecting parts of said primary data stream using said randomizer to form a derived 
data source, and 

using said derived data source to form cryptography keys separately at different 
parties at predetermined intervals. 



38. (Original) A method according to claim 37, wherein said primary data source is 
obtainable as a stream of bits from a communication process between said two parties. 
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39. (Original) A method according to claim 37, wherein said primary data source 
comprises a stream of data bits divisible into data units and comprising selecting at random 
from the data bits of each data unit. 

40. (Original) A method according to claim 39, wherein said bits in said data units 
are separately identifiable by addresses, and comprising selecting said bits by using said 
randomizer as an address pointer. 

41. (Original) A method according to claim 37, wherein selecting is carried out by 
using identically set pseudorandom data generation at each party, and using said derived data 
source as a seed for said pseudorandom data generation. 

42. (Original) A method according to claim 37, further comprising exchanging 
control data between said parties to enable each party to determine whether they are operating 
synchronously with said other party. 

43. (Original) A method according to claim 42, wherein said control data includes 
any one of a group comprising: 

redundancy check data of at least some of said derived data source, and 
a hash encoding result of at least some of said derived data source. 

44. (Original) A method according to claim 42, comprising determining from said 
control data that synchronization has been lost between the parties and regaining 
synchronization based on a predetermined earlier part of said derived data source. 
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45. (Original) A method according to claim 44, further comprising a step of 
exchanging said predetermined earlier part of said derived data source at predetermined 
intervals. 

46. (Original) A method according to claim 45, further comprising steps of: 
determining a possibility of each party being at a different cycle at synchronization 

loss, and 

controlling said ^synchronization to use a same predetermined earlier part of said 
derived data source at both parties. 

47. (Original) A method according to claim 45, further comprising creating in 
advance a future cycle's predetermined earlier part of said derived data source for 
resynchronizing with a party that has already moved to such a cycle. 



48. (Original) A method according to claim 37, in use to provide key management for 
a symmetric cryptography algorithm. 



